Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

F#

Ruby

Assembly

Crystal

MATLAB

R

CSS

Haskell

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

C++

F#

Elm

PowerShell

Scala

Java

Go

C

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇳🇵 Nepal

🇨🇴 Colombia

🇰🇭 Cambodia

🇳🇺 Niue

🇲🇿 Mozambique

🇲🇪 Montenegro

🇹🇷 Turkey

🇾🇪 Yemen

All Countries Compare Countries

olafhartong/sysmon-cheatsheet

Stars
507
Rank 87,068 (Top 2 %)
Language
License
MIT License
Created over 5 years ago
Updated about 3 years ago

olafhartong/sysmon-cheatsheet

olafhartong

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

All sysmon event types and their fields explained

sysmon-cheatsheet

All sysmon event types and their fields explained

sysmon-modular

A repository of sysmon configuration modules

ThreatHunting

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

ATTACKdatamap

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

MDE-AuditCheck

MDE relies on some of the Audit settings to be enabled

Presentations

My conference presentations

detection-sources

DefenderHarvester

Expose a lot of MDE telemetry that is not easily accessible in any searchable form

TA-Sysmon-deploy

Deploy and maintain Symon through the Splunk Deployment Sever

WDACme

A WDAC configuration repository with the sole intention of enriching MDE

parsoalto

Palo Alto Networks Rule Parser

Sentinel-template-parser

Azure Sentinel Template parser

SA-Threat-Hunting

Splunk app for Threat hunting

sysmon-modular-linux

A repository of Sysmon For Linux configuration modules

sysmon-parser

Automatically generated Sysmon parser for Azure Sentinel

unfetter-discover

Unfetter-Discover Vagrant script for the Unfetter-Discover docker release

scripts

just random simple scripts

disposable-windows

A packer project to quickly have a test / dev / IR box

olafhartong

Clear-dminline

After migrating a Cisco ASA config to a Palo Alto config you remain with all these horrible DMINLINE objects, this tool resolves all members and replaces the ogroup object by its members

BHCEupload

A small go tool to upload JSON files to the BloodHound community edition API